Please review this guide to run Backup My org or Clean My Org as HTTPS:
...
Please expand and review the following in-depth, illustrated guide to Admin Tools Enterprise. This section further expands on the Admin Tools 2.0 Enterprise Installation Instructions:
Expand |
---|
title | Registering Admin Tools Enterprise for an OAuth App ID (Non-IWA Installs) |
---|
|
Info |
---|
These steps only apply to ArcGIS Enterprise environments. Users with ArcGIS Online environments do not need to provide connector information or AppID information when using Admin Tools. This is ONLY necessary for installs that DO NOT use Integrated Windows Authentication (IWA). |
From the "My Content" tab, select "Add Item” → “An application". Image AddedName the application "Admin Tools”. Image AddedNavigate to the "Settings" Tab of the new Admin Tools application. Image AddedIn the "Application" Section, click the "Registered Info" button. Image AddedIn some cases, an application URL is required in the “Data Source” field (shown in the image above). This can be any URL, so add your own, or simply add https://geo-jobe.com . The App ID is listed here (shown in image below). Providing this App ID will be necessary for the creation of your build.Next, click the "Update" button. Image AddedAdd the full URL of where admin tools will be running from (HTTP and/or HTTPS). Image Added Info |
---|
Domain ExamplePlease add the organization’s actual domain that will be running from Admin Tools to this Redirect URI. Ensure that '/' is not included at the end of your domain as this could potentially cause Admin Tools to unsuccessfully connect to the Redirect URI. |
Finally, select the "Update" button to save your changes. Image AddedYou should now have the OAuth App ID and Redirect URIs necessary to start the Admin Tools Installation. |
Please expand and review the following options to run Backup My Org or Clean My Org as HTTPS:
Expand |
---|
title | Option 1: Using an existing IIS PFX Certificate (RECOMMENDED) |
---|
|
Export the certificate from IIS: a. Open the IIS Manager b. Click on the server name in the "Connections" pane (located left-hand side) c. In the middle pane, double-click on "Server Certificates" d. Select the certificate you want to export e. Click "Export" in the "Actions" pane (located on the right-hand side) f. Follow the wizard to export the certificate as a .pfx file (Note: remember the passphrase you specified to protect the cert) g. Export the PFX to the BackupMyOrg/CleanMyOrg main folder (Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)
Open the command prompt and navigate to the BackupMyOrg/CleanMyOrg directory and type: Code Block |
---|
backupmyorg pfx <passphrase> |
OR
|
...
Code Block |
---|
cleanmyorg pfx <passphrase> |
(Note: This will save the passphrase as an encrypted string in the MongoDB database.) In the main application directory,
|
...
edit the config/nodeconfig.json file and make the following modifications: Note: If you are using an absolute path in your nodeconfig.json file, be sure to use double backslashes, such as "C:\\BackupMyOrg\\Certificates\certificate.pem"
|
...
or "C:\\CleanMyOrg\\Certificates\certificate.pem" Code Block |
---|
"useHTTPS": true, |
|
...
...
...
...
"pfx": "<name of your PFX file>" |
|
...
...
Restart your BackupMyOrg/CleanMyOrg server app or service, then load https://localhost:8500 or https://yourwebdomain:8500 (for BackupMyOrg)
|
...
Expand |
---|
title | Option 2: Using a key and pem file |
---|
|
...
|
Both a certificate and key .pem file are required. (If you need to generate these, you can do so by downloading OpenSSL at https://slproweb.com/download/Win64OpenSSL_Light-3_2_0.msi) Open the command prompt in Windows Run the following commands to generate your private key and public certificate:
Code Block |
---|
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem |
|
...
openssl x509 -text -noout -in certificate.pem |
Once you have the cert and key files, copy them to your BackupMyOrg or CleanMyOrg main folder Edit the config/nodeconfig.json file and make the following modifications:
Code Block |
---|
“useHTTPS”: true, |
|
...
“certificate”: <name of your certificate.pem file>, |
|
...
“key”: <name of your key .pem |
|
...
Restart your BackupMyOrg/CleanMyOrg server app or service, then load https://localhost:8500 or https://yourwebdomain:8500 (for BackupMyOrg)
|
...
or https://localhost:8000 or https://yourwebdomain:8000 (for Clean My Org) in your browser.
|
title If If you have created a self signed certificate, those will always | show up appear as not trusted. You will need to buy a certificate from a trusted source (such as Verisign) to have a signed certificate from an authority. Image Added |
|
Expand |
---|
Image Removedtitle | Option 3: Convert an existing IIS Certificate into a key/pem |
---|
|
...
|
To convert an IIS certificate to a .KEY and .PEM format for use in BackupMyOrg or CleanMyOrg, you can follow these steps: Export the certificate from IIS: a. Open the IIS Manager b.
|
...
Click on the server name in the "Connections" pane (located left-hand side) c. In the middle pane, double-click on "Server Certificates" d. Select the certificate you want to export e.
|
...
Click "Export" in the "Actions" pane (located on the right-hand side) f. Follow the wizard to export the certificate as a .pfx file (remember the password you specified to protect the cert) (Note: if you don’t have an export option you may need to re-import the certificate to IIS with the allow export option)
Convert the .pfx file to a .pem file using OpenSSL: a. Install OpenSSL on your computer if it is not already installed (Windows version can be found at: https://slproweb.com/products/Win32OpenSSL.html b. Copy the .pfx file to the OpenSSL /bin folder c. Open a command prompt or terminal window d. Navigate to the openSSL bin directory e. Run the following command (changing exported cert name as necessary):
Code Block |
---|
openssl pkcs12 -in exportedCert.pfx -out yourcert.pem -nodes |
This command will prompt you for the password you used to protect the .pfx file. Enter the password and press Enter. The command will create a .pem file in the same directory as the .pfx file. Extract the private key from the .pem file using OpenSSL: a. Run the following command in the same directory where the .pem file is saved:
Code Block |
---|
openssl rsa -in yourcert.pem -out yourkey.key |
This command will extract the private key from the .pem file and save it as a separate .key file in the same directory. Copy the .pem and .key to the application directory and configure config/nodeconfig.json a. Copy the new .pem and .key file to your application root directory b. Open <application directory>\config\nodeconfig.json c. Modify the settings as follows (changing names as necessary):
Code Block |
---|
"useHTTPS": true, |
|
...
...
"certificate": "yourcert.pem", |
|
...
...
Restart the BackupMyOrg/CleanMyOrg server and open the browser using https location.
|
Related articles
Filter by label (Content by label) |
---|
showLabels | false |
---|
max | 5 |
---|
spaces | com.atlassian.confluence.content.render.xhtml.model.resource.identifiers.SpaceResourceIdentifier@2e60ee99 |
---|
showSpace | false |
---|
sort | modified |
---|
reverse | true |
---|
type | page |
---|
cql | label in ( "org" , "clean" , "https" , "my" ) and type = "page" and space = "GJKBASE" |
---|
labels | clean my org https |
---|
|